[jira] [Comment Edited] (HBASE-14089) Remove unnecessary draw of system entropy from RecoverableZooKeeper

Wed, 15 Jul 2015 17:00:10 -0700 

    [ 
https://issues.apache.org/jira/browse/HBASE-14089?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14628961#comment-14628961
 ] 

Andrew Purtell edited comment on HBASE-14089 at 7/15/15 11:58 PM:
------------------------------------------------------------------

bq. +1 I will defer to your expertise

Thanks. (smile) But what I meant by "why not just +1" is we are arriving at the 
same place within the context of this patch. If you do wish to propose a switch 
to having -Djava.security.egd=file:/dev/./urandom as default in Linux launch 
scripts, please consider filing an issue for that. I might comment I don't 
think it's a good idea but won't veto

Let me commit this in a bit


was (Author: apurtell):
bq. +1 I will defer to your expertise

Thanks. (smile) But what I meant is we are arriving at the same place within 
the context of this patch. If you do wish to propose a switch to having 
-Djava.security.egd=file:/dev/./urandom as default in Linux launch scripts, 
please consider filing an issue for that. I might comment I don't think it's a 
good idea but won't veto

Let me commit this in a bit

> Remove unnecessary draw of system entropy from RecoverableZooKeeper
> -------------------------------------------------------------------
>
>                 Key: HBASE-14089
>                 URL: https://issues.apache.org/jira/browse/HBASE-14089
>             Project: HBase
>          Issue Type: Bug
>            Reporter: Andrew Purtell
>            Assignee: Andrew Purtell
>            Priority: Minor
>             Fix For: 2.0.0, 0.98.14, 1.2.0, 1.1.2, 1.3.0, 1.0.3
>
>         Attachments: HBASE-14089.patch
>
>
> I had a look at instances where we use SecureRandom, which could block if 
> insufficient entropy, in the 0.98 and master branch code. (Random in contrast 
> is a PRNG seeded by System#nanoTime, it doesn't draw from system entropy.) 
> Most uses are in encryption related code, our native encryption and SSL, but 
> we do also use SecureRandom for salting znode metadata in 
> RecoverableZooKeeper#appendMetadata, which is called whenever we do setData. 
> Conceivably we could block unexpectedly when constructing data to write out 
> to a znode if entropy gets too low until more is available. 



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to